The approaches described in this section could be pursued, but are not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Residential and business customers of large-scale broadband network service providers typically access a broadband network using customer premises equipment (CPE) network devices. The CPE devices may include universal broadband routers and residential gateways, the Cisco 800 Series Routers, and others. Information about use of Cisco 800 CPEs for ADSL over ISDN is provided in the document http://www.cisco.com/en/US/products/hw/routers/ps380/?js=1
In a typical approach, a customer places an order for service with the service provider. In response, the service provider provides a CPE device to the customer, either directly from a stock location of the service provider or indirectly by requesting a vendor or manufacturer to “drop ship” the device from the manufacturer's location to the customer.
Providing Internet service through asynchronous digital subscriber line (ADSL) technology has become particularly popular because ADSL offers high-speed Internet access at a relatively low cost. However, when CPE devices use ADSL communication over integrated services digital network (ISDN) lines, problems arise with respect to configuring the CPE devices for proper operation. Typically, in this context, each CPE device within a class of CPE devices (such as Cisco 800 Series Routers) can be manufactured with slightly different hardware and software options. There is a need to ensure that the configuration that is provided to the device is compatible with the options installed in the device.
Further, many service providers use individual user authentication techniques, such as PPPoE, that require each CPE device to have a unique configuration with parameter values, such as individual username and password, that will support the authentication. A generic or standard configuration will not work in this context. Additionally, for security reasons, only certain classes of users may be allowed to have a particular kind of configuration. For example, assume that John is a teleworker for Company J, and Sue works for Company S; J and S are competitors that do not share confidential information on their networks; the same service provider provides service to John and Sue; and John and Sue use the same type or class of CPE device. If the service provider erroneously gives Sue's individual device configuration to John, then John might be able to access Sue's network. This is undesirable.
For the service provider to provide an individual configuration to a particular device, identification of the CPE device is needed. That is, the service provider needs to receive specific identifying information about the CPE device, from which the service provider can determine that a specific CPE device is located where the service provider expected the customer to receive and use the device. Thereafter, the service provider can provide one or more specific configuration commands or parameter values (an “individual configuration”) to the CPE device after it is installed at the customer site, to ensure that the CPE device can properly connect to and use the service provider network.
Several approaches have been available in the past to provide the individual configuration. In one approach, the service provider sends a service technician to the customer premises to manually enter or load the individual configuration. This approach provides manual authentication in the sense that the service technician physically appears at an authorized party's premises and installs the correct configuration there. However, service providers incur significant expense from this approach in comparison to the relatively low cost of the CPE device. Because of these costs, this approach is not practical for deployment of large numbers of devices. Thus, service providers would prefer to eliminate costs associated with a “truck roll” to the customer premises. These costs become excessive when the service provider is attempting to deploy thousands of units to customers.
In a second approach, the customer self-installs the individual configuration in the CPE device. For example, the CPE device can provide a Web server and pre-loaded Web pages that prompt the user to enter various configuration parameter values. This approach can enforce authentication by requiring each user to sign on with a previously distributed username and password. However, this approach is not accepted by some service providers, and is not desirable because users may make errors or may require technical support from the service provider in order to accomplish proper configuration, which imposes costs on the service provider. Management and distribution of passwords also present issues.
In yet another approach, the CPE device is pre-configured with an individual configuration. In this approach, the CPE device arrives at the customer premises with enough information to enable the CPE device to connect to a configuration server. However, the security of this approach is entirely dependent upon perfect logistical execution by the delivery channel. Because delivery services are known to be error-prone, the service provider must track specific CPE devices to ensure that they arrive at the correct location. This is required because if the customer receives and attempts to use a CPE device that has the wrong individual configuration, the device may be unable to work with the service provider's service. This could occur if the customer receives a non-working CPE device and later receives a replacement, exchanges boxes with another customer, receives the wrong box through error by the manufacturer, service provider, or delivery service, etc.
In this context, service providers desire to have a deployment process in which the service provider can verify that a particular CPE device is at a particular customer premises before providing an individual configuration, but such a process is not provided in current approaches. Further, the process should permit the CPE device can obtain an individual configuration automatically without a “truck roll” or other extraordinary intervention by the service provider.
Deutsche Telekom of Germany currently is the largest service provider in the world using ADSL over ISDN for broadband network service. Deutsche Telekom is known to use the ISDN line number in combination with a username for the purpose of authenticating user access to the network. In this approach, the ISDN line number serves as a substitute for a traditional user password. However, in this approach the ISDN line number only authenticates a user, but not a CPE device.
“Caller ID” or “calling party identification” is a known technology in which an end station in the public switched telephone network (PSTN) can request a PSTN switch to provide the telephone number of a calling party. The signaling messages that support Caller ID can be conveyed over ISDN lines. Caller ID can be used by various devices to query a PSTN switch over an ISDN line and thereby obtain a calling line identifier (“CLID”), or calling party number, representing the telephone number that the telephone company uses for the ISDN line.
In another approach that is believed to be practiced by Bintec of Germany, configuration is provided exclusively over ISDN to CPE devices. In this approach, a configuration device places a call over an ISDN line to the CPE device. The configuration device then provides a device configuration over the ISDN line. This approach has the disadvantage that an ISDN call is required for each CPE device.
Based on the foregoing, there is a clear need in this field for an approach that provides automatic deployment of CPE network devices at specific remote locations, without user intervention. There is a specific need for an approach that provides for individual authentication of a CPE device without user intervention. There is a particular need for such an approach in the context of ADSL, because millions of ADSL lines have been installed worldwide and thus the user base is very large.